In: Computer Science
1. Why is it important for mobile workers and users to know what the risks, threats, and vulnerabilities are when conducting remote access through the public Internet?
2. Why does the mock XYZ Health Care Provider need to define a remote access policy to properly implement remote access through the public Internet?
3. Why is a remote access policy definition a best practice for handling remote employees and authorized users who require remote access from home or on business trips?
4. What security controls, monitoring, and logging should be enabled for remote VPN access and users?
5. Why should an organization mention that it will be monitoring and logging remote access use in its remote access policy definition?
1. Why is it important for mobile workers and users to know what
the risks, threats, and vulnerabilities are when conducting remote
access through the public Internet?
Answer:-------- To ensure that they are aware of how easy
it is to gain information from the public internet, especially when
they are accessing confidential information.
2. Why does the mock XYZ Health Care Provider need to define a
remote access policy to properly implement remote access through
the public Internet?
Answer:-------- Without a proper policy to correctly define
your Remote Access, any user will be able to insert and overwrite
any details about the policy.
3. Why is a remote access policy definition a best practice for
handling remote employees and authorized users who require remote
access from home or on business trips?
Answer:-------- Designed to minimize the potential exposure
of private information, which may result from unauthorized use of
resources. Damages include the loss of sensitive or confidential
data, intellectual property, damage to public image, damage to
critical internal systems, etc
4. What security controls, monitoring, and logging should be
enabled for remote VPN access and users?
Answer:-------- Multi-factor authentication of users and
computers and a Password Lockout Policy and the controls needed for
a VPN. An account and computer audit Policy will monitor and log
events and can send notifications to System
Administrators.
5. Why should an organization mention that it will be monitoring
and logging remote access use in its remote access policy
definition?
Answer:-------- Users should be notified by way of the
Acceptable Use Policy that they may be monitored for compliance and
that their activities are logged. This protects the organization
and the user and is instrumental in helping establish
compliance.